Skip to content
This repository has been archived by the owner on Mar 22, 2022. It is now read-only.

Add support for Bearer scheme in remove method #403

Merged
merged 1 commit into from
Mar 22, 2017
Merged

Add support for Bearer scheme in remove method #403

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion src/service.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,10 @@ class Service {

remove (id, params) {
const defaults = this.app.get('auth');
const accessToken = id !== null ? id : params.headers[defaults.header.toLowerCase()];
const authHeader = params.headers && params.headers[defaults.header.toLowerCase()];
const authParams = authHeader && authHeader.match(/(\S+)\s+(\S+)/);
const accessToken = id !== null ? id : authParams && authParams[2] || authHeader;

// TODO (EK): return error if token is missing?
return this.passport
.verifyJWT(accessToken, merge(defaults, params))
Expand Down
14 changes: 14 additions & 0 deletions test/service.test.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,5 +104,19 @@ describe('/authentication service', () => {
expect(response).to.deep.equal({ accessToken });
});
});

it('verifies an accessToken in the header', () => {
const params = { headers: { authorization: accessToken } };
return app.service('authentication').remove(null, params).then(response => {
expect(response).to.deep.equal({ accessToken });
});
});

it('verifies an accessToken in the header with Bearer scheme', () => {
const params = { headers: { authorization: `Bearer ${accessToken}` } };
return app.service('authentication').remove(null, params).then(response => {
expect(response).to.deep.equal({ accessToken });
});
});
});
});